package cn.edu.security.browser.config;

import cn.edu.security.browser.authentication.EduAuthenticationFailureHandler;
import cn.edu.security.browser.authentication.EduAuthenticationSuccessHandler;
import cn.edu.security.core.authentication.AbstractChannelSecurityConfig;
import cn.edu.security.core.authentication.mobile.SmsCodeAuthenticationSecurityConfig;
import cn.edu.security.core.properties.SecurityConstants;
import cn.edu.security.core.properties.SecurityProperties;
import cn.edu.security.core.validate.code.ValidateCodeFilter;
import cn.edu.security.core.validate.code.ValidateCodeSecurityConfig;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Configurable;
import org.springframework.context.annotation.Bean;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.web.authentication.rememberme.JdbcTokenRepositoryImpl;
import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
import org.springframework.social.security.SpringSocialConfigurer;

import javax.sql.DataSource;

/**
 * spring security config
 */
@Configurable
@EnableWebSecurity
public class BrowserSecurityConfig extends AbstractChannelSecurityConfig {

    @Autowired
    private SecurityProperties securityProperties;

    @Autowired
    private EduAuthenticationSuccessHandler eduAuthenticationSuccessHandler;

    @Autowired
    private EduAuthenticationFailureHandler eduAuthenticationFailureHandler;

    @Autowired
    private ValidateCodeFilter validateCodeFilter;

    @Autowired
    private DataSource dataSource;

    @Autowired
    private UserDetailsService userDetailsService;

    @Autowired
    private SmsCodeAuthenticationSecurityConfig smsCodeAuthenticationSecurityConfig;

    @Autowired
    private ValidateCodeSecurityConfig validateCodeSecurityConfig;

   @Autowired
    private SpringSocialConfigurer eduSocialSecurityConfig;

    @Bean
    public PersistentTokenRepository persistentTokenRepository(){
        JdbcTokenRepositoryImpl tokenRepository = new JdbcTokenRepositoryImpl();
        tokenRepository.setDataSource(dataSource);
        //tokenRepository.setCreateTableOnStartup(true);
        return tokenRepository;
    }

    @Override
    protected void configure(HttpSecurity http) throws Exception {
        applyPasswordAuthenticationConfig(http);

        http.apply(validateCodeSecurityConfig)
                .and()
                .apply(smsCodeAuthenticationSecurityConfig)
                .and()
                .apply(eduSocialSecurityConfig)
                .and()
                .rememberMe()
                .tokenRepository(persistentTokenRepository())
                .tokenValiditySeconds(securityProperties.getBrowser().getRememberMeSeconds())
                .userDetailsService(userDetailsService)
                .and()
                .authorizeRequests()
                .antMatchers(
                        SecurityConstants.DEFAULT_UNAUTHENTICATION_URL,
                        SecurityConstants.DEFAULT_LOGIN_PROCESSING_URL_MOBILE,
                        securityProperties.getBrowser().getLoginPage(),
                        SecurityConstants.DEFAULT_VALIDATE_CODE_URL_PREFIX+"/*",
                        "/user/register","/qqLogin/callback.do","/qqLogin/weixin")
                .permitAll()
                .anyRequest()
                .authenticated()
                .and()
                .csrf().disable();
//        .antMatchers(
//                "/v2/api-docs",
//                "/swagger-resources/configuration/ui",
//                "/swagger-resources",
//                "/swagger-resources/configuration/security",
//                "/swagger-ui.html",
//                "/css/**",
//                "/js/**",
//                "/images/**",
//                "/webjars/**",
//                "/import/test",
//                "**/favicon.ico",
//                "/index").permitAll()
//                .and().cors()
//                .and().csrf().disable();
    }
}
